Home Publications CV Talks FAQ Bio
Research Overview
Our research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We do research in smartphone privacy, usable security, and AI bias and fairness, drawing on ideas and methods from human-computer interaction, machine learning, systems, and social psychology.

We have had a lot of positive impact on science and on practice. Our work on anti-phishing was adopted by industry groups, inspired the design of anti-phishing browser warnings. Our team's work on PrivacyGrade.org has influenced industry and policy makers with respect to smartphone privacy. We also developed new kinds of smartphone user interfaces for privacy as part of the DARPA Brandeis Privacy Enhancements for Android.

Our work has also been featured in CNN, New York Times, BBC, CBS News, MIT Tech Review, World Economic Forum, and more. Our team has been generously funded by DARPA, National Science Foundation, Army Research Office, Amazon, IBM, Google, Intel, Microsoft, Nokia, NQ Mobile, Pitney Bowes, Portugal Telecom, Samsung, Yahoo, CMU Cylab, the Alfred P. Sloan Foundation, and more.

I help run the Pervasive Computing subreddit. I sometimes write for BLOG@CACM. I was also a co-founder of Wombat Security Technologies, which developed cybersecurity training software that helped train millions of people around the world. Wombat Security was acquired by Proofpoint in March 2018.

What's New?
Feb 27, 2024
I gave a talk entitled An Overview of Privacy for Mobile Sensing Systems for the mDOT NIH Center.

Dec 13, 2023
I gave a distinguished lecture at Univ Wisconsin-Madison entitled Helping Developers with Privacy.

Nov 20, 2023
New book chapter, Designing for Privacy in Mobile Sensing Systems, book chapter in Mobile Sensing in Psychology: Methods and Applications. I tried to summarize everything I know about legal, philosophical, design, and technical issues about privacy in this chapter.

July 25, 2023
My blog post What Can the FATE Community Learn from the Successes and Failures in Privacy? was published in CACM August 2023 issue.

May 27, 2023
I had the honor of being the 2023 commencement speaker at the South Carolina Governor's School for Science and Math, my alma mater. See the text of the speech or video here.

Apr 20, 2023
Our paper What makes people install a COVID-19 contact-tracing app? Understanding the influence of app design and individual difference on contact-tracing app adoption intention won Best Research Paper 2019-2021 in Pervasive and Mobile Computing.

Apr 4, 2023
Our paper Understanding Frontline Workers’ and Unhoused Individuals’ Perspectives on AI Used in Homeless Services won a best paper award at CHI 2023.

Jan 19, 2023
I was named an ACM Fellow!

Jun 7, 2022
Our work on Livehoods won ICWSM Test of Time award! Also check out livehoods.org.

Nov 23, 2021
Our paper on Software-Defined Cooking Using a Microwave Oven is a Research Highlight in the Dec 2021 issue of CACM.

Nov 23, 2021
ClearTerms data set is available here. This is a spreadsheet containing the results of several thousand crowdsourced judgements comparing different statements in Terms and Conditions for about a dozen ecommerce web sites.

Nov 7, 2021
We made EMA data publicly available from our study on social interactions, social support, mood, and well-being during 2020 COVID.

Apr 27, 2021
New paper on arxiv summarizing our work on DARPA Brandeis project for smartphone privacy: The Design of the User Interfaces for Privacy Enhancements for Android

Apr 24, 2021
Use our SA-6 and SA-13 survey instrument to assess people's security attitudes. You can also take the SA-6 quiz online here.

Apr 22, 2021
Posted new paper to arxiv, What Makes People Install a COVID-19 Contact-Tracing App? Understanding the Influence of App Design and Individual Difference on Contact-Tracing App Adoption Intention

Feb 10, 2021
We just received $1M in new funding from NSF and Amazon to investigate Fairness in AI!

Oct 21, 2020
I did a keynote talk for CHIuXiD entitled Privacy for Mobile Sensing Systems.

Jun 29, 2020
I've joined the Board of Trustees of the GSSM Foundation (my old high school)

May 1, 2020
Our web site showcasing our work on the user interfaces for DARPA Brandeis smartphone privacy is now up

Feb 14, 2020
I'm now a member of CHI Academy!

Mar 13, 2019
I wrote a blog entry on CACM entitled Why is Privacy So Hard?

Mar 5, 2019
My wife and I helped found two junior faculty chairs in the Human-Computer Interaction Institute at CMU.

Feb 26, 2019
I gave a talk at Lakehead University entitled Are My Devices Spying on Me? Living in a World of Ubiquitous Computing.

Nov 30, 2018
Our team has released the MobiPurpose data set. It contains over 2 million unique intercepted traffic requests from 15k+ smartphone apps, gathered from our array of smartphones.

Mar 1, 2018
Wombat Security, which I co-founded in 2008, was acquired by Proofpoint for $225m!

Sep 1, 2017
I wrote a roadmap for privacy research entitled The Privacy Landscape for Pervasive and Ubiquitous Computing.

May 29, 2017
I was recently honored with Alumni of the Year from my old high school, South Carolina Governor's School for Science and Math. Here is a link to my speech at the commencement.

May 16, 2017
The HCII and the Tepper School of Business are offering a new Master's Degree of Product Management. I'm helping to run the HCII side.

Jun 7, 2016
White paper with New America entitled Toward a Safe and Secure Internet of Things.

Sep 9, 2015
Presented some of our team's work on using smartphones for healthcare at the World Economic Forum at Dalian.

Aug 13, 2015
Our CCS 2014 paper Increasing Security Sensitivity with Social Proof: A Large-Scale Experimental Confirmation won Honorable Mention at NSA's Best Scientific Cybersecurity Paper Competition.

Dec 26, 2014
PrivacyGrade.org presents our privacy analysis of 1 million Android apps. Our work has appeared on CNN, US News and World Report, New York Times, CNBC, IEEE Spectrum, Forbes, and more.

Sep 17, 2014
My brother and I have created the Frances and Chou-Chu Hong graduate fellowship at the Veterinary and Animal Sciences Department at the University of Massachusetts.

Oct 25, 2013
Gave a talk at PopTech 2013 on sensing and privacy. See slides and video here.

Apr 9, 2012
Livehoods.org re-imagines how cities work in the age of social media. Livehoods has been featured in The Atlantic Cities, Wired Insider, MIT Technology Review, Fast Company Co.Design, New York Post, Wall Street Journal, and Haaretz.

Current Research

Some Older Research
Personal Behavioral Data
How can we make better use of all of the wealth of personal behavioral data (smartphones, web usage, social networking) to develop a better computational model of people, places, activities, and things?

UniAuth: Streamlining Authentication for Ubiquitous Computing
What kinds of protocols, APIs, and user interfaces are needed for our smartphones to manage all of our authentication needs, both for the web and Internet of Things? See our set of papers on authentication for ubicomp here.

Urban Analytics
How can we use location data from smartphones and social media to understand cities? See our papers on urban analytics here.

User-Controllable Security & Privacy for Pervasive Computing
How can we combine machine learning, dialog, and better user interfaces to empower people to manage their privacy? See our papers on ubicomp privacy here.

Why do people fall for phishing scams? Can we train people not to fall for scams? Can we also develop techniques to detect phishing emails? See our large set of papers on anti-phishing here.

Rapid Prototyping and UX Design Tools
How can we help people design interactive systems faster and better? My past work in this area include sketching interfaces, design patterns, and tools for rapid prototyping. See our set of papers on design tools here.

The CHIMPS Research Team
Our research group is CHIMPS (Computer Human Interaction: Mobility Privacy Security). We have an amazingly talented group of PhD students and post-docs: Some alums of the CHIMPS group:
  • Karen Tang
  • Janne Lindqvist, now an Assoc Prof at Aalto (previously Rutgers)
  • Polo Chau (with Christos Faloutsos and Niki Kittur), now an assoc prof at Georgia Tech
  • Guang Xiang (with Carolyn Rose), now doing an AI startup in China
  • Jialiu Lin (with Norman Sadeh), now at Waymo (previously was a privacy engineer at Google)
  • Shah Amini, now at Facebook (previously Appthority and Google)
  • Jun Ki Min, now at Motorola
  • Mike Villena, now at Appthority
  • Afsaneh Doryab, now an Asst Prof at UVa (previously CMU)
  • Song Luan, now at YouTube (previously Uber)
  • Jason Wiese (with John Zimmerman), now an Asst Prof at University of Utah
  • Eiji Hayashi, now at Google ATAP
  • Sauvik Das, now an Asst Prof at Georgia Tech
  • Dan Tasse, now a data scientist at StitchFix
  • Siyan Zhao, now a UX designer at Google
  • Hong Shen, now an asst research prof at CMU
  • Cori Faklaris (with Laura Dabbish), now an asst prof at UNC-Charlotte
  • Haojian Jin, now an asst prof at UCSD
Some of My Writings and Other Stuff I Helped Create
Running Program Committees My Cybersecurity Advice (for general audiences) Research Tools, Software, and Web Sites Research Data Sets Instructor Guides and Reading Seminars Advice for PhD students and Grad School Applicants Odds and Ends The Design of Sites
I co-authored a book on web site design, which uses the notion of web design patterns as a way for facilitating the design of customer-centered web sites. Check out the web site for our book The Design of Sites. Our book has been translated into Polish, Chinese, Korean (and possibly other languages as well).
Current Service Some Past Service